46e866e87ecfc93d3eb391535c1b5867

Sharing

Copy URL

Twitter E-mail

General

Target

46e866e87ecfc93d3eb391535c1b5867
Size

1.2MB
MD5

46e866e87ecfc93d3eb391535c1b5867
SHA1

8e5e2fc30dcf5c49c2143dcf9c03ae168873c1f5
SHA256

3996277685c3381aaafd393778df881e554b254906afa34fd681929b28767413
SHA512

37f83020ab54717ac134fff98b5983514c7add2438b05cfd8f96e28649782f110083d1923ec0d206dd0f0d87c7f12b95ab947f0a9f1b8060e72f2d88e1559c5a
SSDEEP

24576:n+kD3kR1k5irAE6VVAa38JYJj4lpqxXdWGioY/8w:n+A3kR1WirhiVAYbJj4lpqVdWGiJ/8w

Score

1^/10

Malware Config

Signatures

Files

46e866e87ecfc93d3eb391535c1b5867
.exe windows x86

4ac07d44552b6b50403d4d55fb4d0f42

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
FileTimeToLocalFileTime
GetVersion
GetVolumeInformationW
SetSystemPowerState
GetCommandLineW
GetLocalTime
CreateFileW
GetProcAddress
WaitForSingleObject
WritePrivateProfileSectionW
Sleep
WriteConsoleW
GetStdHandle
ExitProcess
GetTempPathW
HeapAlloc
LoadResource
FindFirstChangeNotificationW
GetCurrentDirectoryW
LoadLibraryW
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
SizeofResource
GetModuleHandleW
GetDateFormatW
GetVersionExW
OpenProcess
GetSystemTime
CloseHandle
QueryPerformanceCounter
HeapSize
GetLocaleInfoW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
WriteFile
SetStdHandle
GetCurrentThreadId
SetLastError
TlsFree
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
GetStringTypeW
GetLastError
HeapFree
RaiseException
RtlUnwind
HeapSetInformation
GetStartupInfoW
GetCPInfo
LCMapStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
HeapCreate
TlsAlloc
TlsGetValue
TlsSetValue

user32

ScrollWindow
AppendMenuW
GetActiveWindow
IsDialogMessageW
SetWindowsHookExW
PostMessageW
TrackPopupMenu
FillRect
IsIconic
SetWindowTextW
SetWindowLongW
GetMenuItemCount
GetDlgItem
GetWindow
SetPropW

gdi32

GetBkColor
CreateSolidBrush

comctl32

ImageList_EndDrag
ImageList_GetImageCount
ImageList_GetDragImage
ImageList_Create

ole32

CoRevokeClassObject
CoUninitialize
CoInitialize

wininet

InternetConnectW
InternetReadFile
FtpOpenFileW
HttpOpenRequestW
InternetCloseHandle
InternetOpenW
HttpQueryInfoW
HttpSendRequestW
InternetSetOptionW

shlwapi

PathAppendW
PathAddBackslashW
PathStripToRootW

Sections

.text
Size: 305KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 927KB - Virtual size: 926KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ac07d44552b6b50403d4d55fb4d0f42

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

ole32

wininet

shlwapi

Sections

.text Size: 305KB - Virtual size: 304KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 11KB - Virtual size: 85KB

.rsrc Size: 927KB - Virtual size: 926KB

.text
Size: 305KB - Virtual size: 304KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 11KB - Virtual size: 85KB

.rsrc
Size: 927KB - Virtual size: 926KB